The cybersecurity company NordLayer analyzed Black Friday-related keywords on the dark web and discovered that hackers start preparing for the shopping festivities months in advance. Data shows that April is the month with the biggest amount of discussions about Black Friday on the dark web, and August is the least busy.
“Black Friday became synonymous with getting great deals, so this keyword is popular year-round. Vendors on the dark web marketplaces know that when a potential customer sees the term Black Friday,’ they will likely be attracted to the idea of saving, regardless of what season it is,” says Carlos Salas, a cybersecurity expert and head of web engineering at NordLayer.
Black Friday brings a significant amount of traffic and interest. For instance, Black Friday saw online spending reach $9.1 billion last year, up 2.3% YoY. However, high sales mean a good opportunity for frauds to make some money, too. Another study revealed that losses due to Black Friday and Cyber Monday grew by 22% last year.
Why is the Black Friday topic popular on the dark web all year long?
Black Friday has now become associated with striking a great deal, and its seasonality is getting less important. Marketplaces on the dark web also follow this logic, offering Black Friday discounts on leaked data, illegal substances, or services. Various subscription services are among the most popular bargains there.
Salas explains: “Black Friday has become a breeding ground for scams and fraudulent activities on the dark web. Cybercriminals are also gearing up to exploit the excitement and vulnerabilities of consumers and businesses.” He adds, “Companies might experience double the risk because frauds often copy their websites or send phishing emails on behalf of trustworthy businesses, creating reputational risk.”
When does the Black Friday scam season begin?
While Black Friday falls on the day after Thanksgiving in November, the planning and execution of scams associated with the event typically take place long before. Research findings indicate that April is when the keyword “Black Friday” reaches the top, and August is the least prominent month in terms of “Black Friday” search volumes. However, right after that, in September, these searches doubled compared to August.
“The possible reason behind this early start is the need to establish a network of resources, from stolen personal data to compromised accounts, to facilitate their scams when Black Friday arrives. Criminals also seek to exploit the heightened sense of urgency and excitement surrounding the holiday season to deceive unsuspecting shoppers,” says Salas.
Popular retailers are the prime targets
The research indicates that cybercriminals on the dark web predominantly target popular online retailers, with Amazon, eBay, and Target topping the list. These platforms offer a massive customer base and a wide range of products, making them ideal targets for fraudsters.
For example, searches for keywords like “Amazon,” one of the world’s largest e-commerce platforms, grew by more than 45% in January, 15% in May, and 13% in March compared to the average of the last 12 months. As a recent crackdown against cybercrime in India shows, 76 illicit call centers posing as Microsoft and Amazon were raided by authorities as part of a statewide drive on cybercrime.
Regarding eBay, January is also the most popular month, with its search keywords growing by 68%. Also, in March, searches increased by 46% and in April by 19%. Searches for Target grew by 41% in March, 31% in January, and 15% in April.
“Black Friday is a convenient occasion for fraudsters to try to exploit data or money with a higher success rate. However, fraudulent websites are going nowhere even after this event ends, so critical thinking and careful website checking have to stay all year round,” says Salas. “Scammers clone websites of popular retailers due to their familiarity. Such websites create an illusion of trustworthiness. Thus, some buyers get bamboozled.”
From the observed data, it is possible to say that for fraudsters, Black Friday is a year-long campaign, not limited to a specific month or celebration. However, popular retailers will always have a higher probability of scams.
What are the most common types of scams on Black Friday?
Salas says that the most important action in helping to battle various scammers is the ability to recognize them by staying informed. Below he shares the five most popular Black Friday scams businesses can expect this year:
- Phishing scams. Phishing attacks are the most prevalent type of attack, even on Black Friday. Scammers use a sense of urgency and pressure people into making fast decisions without paying much attention to the details.
- Fake websites. Scammers create fake online stores that mimic the appearance of well-known retailers. They offer products at incredibly low prices to lure in shoppers, but they never deliver the goods, leaving people without their purchase and money. Be mindful of websites that misspell the original name of the domain, use numbers instead of letters, or have a subdomain in the website URL code.
- Gift card scams. Be cautious when buying gift cards from third-party sellers, especially online. Scammers may sell counterfeit or empty gift cards, leaving them with a worthless purchase.
- Fake order confirmation. Be careful with messages, phone calls, and emails containing information about a delivered package or confirmed order that you can’t remember making.
- Social media scams. 88% of all purchase scams are obtained through social media. Think before you click, and don’t chase “too-good-to-be-true” deals.
Methodology. The data was compiled in partnership with independent researchers specializing in cybersecurity incident research. They analyzed keywords of the most popular Black Friday topics, retailers, and attack techniques. The keyword searches were done in the time period between September 2022 and August 2023.
Read next: 74% of CEOs worry about mitigating potential cyberattacks – Accenture report